generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

New function X509_get0_pubkey

Browse Source 
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
This commit is contained in:
Dr. Stephen Henson 2015-12-14 13:13:32 +00:00
parent 2872dbe1c4
commit c01ff880d4
12 changed files with 50 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
apps/ca.c
View File

@ -1402,12 +1402,11 @@ static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
BIO_printf(bio_err, "Check that the request matches the signature\n"); BIO_printf(bio_err, "Check that the request matches the signature\n");
if ((pktmp = X509_get_pubkey(req)) == NULL) { if ((pktmp = X509_get0_pubkey(req)) == NULL) {
BIO_printf(bio_err, "error unpacking public key\n"); BIO_printf(bio_err, "error unpacking public key\n");
goto end; goto end;
} }
i = X509_verify(req, pktmp); i = X509_verify(req, pktmp);
EVP_PKEY_free(pktmp);
if (i < 0) { if (i < 0) {
ok = 0; ok = 0;
BIO_printf(bio_err, "Signature verification problems....\n"); BIO_printf(bio_err, "Signature verification problems....\n");
@ -1890,11 +1889,10 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
} }
} }
pktmp = X509_get_pubkey(ret); pktmp = X509_get0_pubkey(ret);
if (EVP_PKEY_missing_parameters(pktmp) && if (EVP_PKEY_missing_parameters(pktmp) &&
!EVP_PKEY_missing_parameters(pkey)) !EVP_PKEY_missing_parameters(pkey))
EVP_PKEY_copy_parameters(pktmp, pkey); EVP_PKEY_copy_parameters(pktmp, pkey);
EVP_PKEY_free(pktmp);
if (!do_X509_sign(ret, pkey, dgst, sigopts)) if (!do_X509_sign(ret, pkey, dgst, sigopts))
goto end; goto end;

3
apps/crl.c
View File

@ -253,14 +253,13 @@ int crl_main(int argc, char **argv)
BIO_printf(bio_err, "Error getting CRL issuer certificate\n"); BIO_printf(bio_err, "Error getting CRL issuer certificate\n");
goto end; goto end;
} }
pkey = X509_get_pubkey(xobj.data.x509); pkey = X509_get0_pubkey(xobj.data.x509);
X509_OBJECT_free_contents(&xobj); X509_OBJECT_free_contents(&xobj);
if (!pkey) { if (!pkey) {
BIO_printf(bio_err, "Error getting CRL issuer public key\n"); BIO_printf(bio_err, "Error getting CRL issuer public key\n");
goto end; goto end;
} }
i = X509_CRL_verify(x, pkey); i = X509_CRL_verify(x, pkey);
EVP_PKEY_free(pkey);
if (i < 0) if (i < 0)
goto end; goto end;
if (i == 0) if (i == 0)

3
apps/s_cb.c
View File

@ -1402,13 +1402,12 @@ static int security_callback_debug(SSL *s, SSL_CTX *ctx,
int sig_nid = X509_get_signature_nid(other); int sig_nid = X509_get_signature_nid(other);
BIO_puts(sdb->out, OBJ_nid2sn(sig_nid)); BIO_puts(sdb->out, OBJ_nid2sn(sig_nid));
} else { } else {
EVP_PKEY *pkey = X509_get_pubkey(other); EVP_PKEY *pkey = X509_get0_pubkey(other);
const char *algname = ""; const char *algname = "";
EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL,
&algname, EVP_PKEY_get0_asn1(pkey)); &algname, EVP_PKEY_get0_asn1(pkey));
BIO_printf(sdb->out, "%s, bits=%d", BIO_printf(sdb->out, "%s, bits=%d",
algname, EVP_PKEY_bits(pkey)); algname, EVP_PKEY_bits(pkey));
EVP_PKEY_free(pkey);
} }
break; break;
} }

3
apps/s_client.c
View File

@ -2206,10 +2206,9 @@ static void print_stuff(BIO *bio, SSL *s, int full)
SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c)); SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
if (peer != NULL) { if (peer != NULL) {
EVP_PKEY *pktmp; EVP_PKEY *pktmp;
pktmp = X509_get_pubkey(peer); pktmp = X509_get0_pubkey(peer);
BIO_printf(bio, "Server public key is %d bit\n", BIO_printf(bio, "Server public key is %d bit\n",
EVP_PKEY_bits(pktmp)); EVP_PKEY_bits(pktmp));
EVP_PKEY_free(pktmp);
} }
BIO_printf(bio, "Secure Renegotiation IS%s supported\n", BIO_printf(bio, "Secure Renegotiation IS%s supported\n",
SSL_get_secure_renegotiation_support(s) ? "" : " NOT"); SSL_get_secure_renegotiation_support(s) ? "" : " NOT");

9
apps/x509.c
View File

@ -723,7 +723,7 @@ int x509_main(int argc, char **argv)
} else if (modulus == i) { } else if (modulus == i) {
EVP_PKEY *pkey; EVP_PKEY *pkey;
pkey = X509_get_pubkey(x); pkey = X509_get0_pubkey(x);
if (pkey == NULL) { if (pkey == NULL) {
BIO_printf(bio_err, "Modulus=unavailable\n"); BIO_printf(bio_err, "Modulus=unavailable\n");
ERR_print_errors(bio_err); ERR_print_errors(bio_err);
@ -742,18 +742,16 @@ int x509_main(int argc, char **argv)
#endif #endif
BIO_printf(out, "Wrong Algorithm type"); BIO_printf(out, "Wrong Algorithm type");
BIO_printf(out, "\n"); BIO_printf(out, "\n");
EVP_PKEY_free(pkey);
} else if (pubkey == i) { } else if (pubkey == i) {
EVP_PKEY *pkey; EVP_PKEY *pkey;
pkey = X509_get_pubkey(x); pkey = X509_get0_pubkey(x);
if (pkey == NULL) { if (pkey == NULL) {
BIO_printf(bio_err, "Error getting public key\n"); BIO_printf(bio_err, "Error getting public key\n");
ERR_print_errors(bio_err); ERR_print_errors(bio_err);
goto end; goto end;
} }
PEM_write_bio_PUBKEY(out, pkey); PEM_write_bio_PUBKEY(out, pkey);
EVP_PKEY_free(pkey);
} else if (C == i) { } else if (C == i) {
unsigned char *d; unsigned char *d;
char *m; char *m;
@ -991,9 +989,8 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
X509_STORE_CTX xsc; X509_STORE_CTX xsc;
EVP_PKEY *upkey; EVP_PKEY *upkey;
upkey = X509_get_pubkey(xca); upkey = X509_get0_pubkey(xca);
EVP_PKEY_copy_parameters(upkey, pkey); EVP_PKEY_copy_parameters(upkey, pkey);
EVP_PKEY_free(upkey);
if (!X509_STORE_CTX_init(&xsc, ctx, x, NULL)) { if (!X509_STORE_CTX_init(&xsc, ctx, x, NULL)) {
BIO_printf(bio_err, "Error initialising X509 store\n"); BIO_printf(bio_err, "Error initialising X509 store\n");

23
crypto/asn1/x_pubkey.c
View File

@ -121,38 +121,36 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
return 0; return 0;
} }
EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key)
{ {
EVP_PKEY *ret = NULL; EVP_PKEY *ret = NULL;
if (key == NULL) if (key == NULL)
goto error; goto error;
if (key->pkey != NULL) { if (key->pkey != NULL)
CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
return key->pkey; return key->pkey;
}
if (key->public_key == NULL) if (key->public_key == NULL)
goto error; goto error;
if ((ret = EVP_PKEY_new()) == NULL) { if ((ret = EVP_PKEY_new()) == NULL) {
X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE); X509err(X509_F_X509_PUBKEY_GET0, ERR_R_MALLOC_FAILURE);
goto error; goto error;
} }
if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) { if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) {
X509err(X509_F_X509_PUBKEY_GET, X509_R_UNSUPPORTED_ALGORITHM); X509err(X509_F_X509_PUBKEY_GET0, X509_R_UNSUPPORTED_ALGORITHM);
goto error; goto error;
} }
if (ret->ameth->pub_decode) { if (ret->ameth->pub_decode) {
if (!ret->ameth->pub_decode(ret, key)) { if (!ret->ameth->pub_decode(ret, key)) {
X509err(X509_F_X509_PUBKEY_GET, X509_R_PUBLIC_KEY_DECODE_ERROR); X509err(X509_F_X509_PUBKEY_GET0, X509_R_PUBLIC_KEY_DECODE_ERROR);
goto error; goto error;
} }
} else { } else {
X509err(X509_F_X509_PUBKEY_GET, X509_R_METHOD_NOT_SUPPORTED); X509err(X509_F_X509_PUBKEY_GET0, X509_R_METHOD_NOT_SUPPORTED);
goto error; goto error;
} }
@ -166,7 +164,6 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
key->pkey = ret; key->pkey = ret;
CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
} }
CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
return ret; return ret;
@ -175,6 +172,14 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
return (NULL); return (NULL);
} }
EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
{
EVP_PKEY *ret = X509_PUBKEY_get0(key);
if (ret != NULL)
EVP_PKEY_up_ref(ret);
return ret;
}
/* /*
* Now two pseudo ASN1 routines that take an EVP_PKEY structure and encode or * Now two pseudo ASN1 routines that take an EVP_PKEY structure and encode or
* decode as X509_PUBKEY * decode as X509_PUBKEY

3
crypto/x509/t_x509.c
View File

@ -209,13 +209,12 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags,
if (BIO_puts(bp, "\n") <= 0) if (BIO_puts(bp, "\n") <= 0)
goto err; goto err;
pkey = X509_get_pubkey(x); pkey = X509_get0_pubkey(x);
if (pkey == NULL) { if (pkey == NULL) {
BIO_printf(bp, "%12sUnable to load Public Key\n", ""); BIO_printf(bp, "%12sUnable to load Public Key\n", "");
ERR_print_errors(bp); ERR_print_errors(bp);
} else { } else {
EVP_PKEY_print_public(bp, pkey, 16, NULL); EVP_PKEY_print_public(bp, pkey, 16, NULL);
EVP_PKEY_free(pkey);
} }
} }

18
crypto/x509/x509_cmp.c
View File

@ -305,11 +305,18 @@ X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name)
return (NULL); return (NULL);
} }
EVP_PKEY *X509_get0_pubkey(X509 *x)
{
if (x == NULL)
return NULL;
return X509_PUBKEY_get0(x->cert_info.key);
}
EVP_PKEY *X509_get_pubkey(X509 *x) EVP_PKEY *X509_get_pubkey(X509 *x)
{ {
if (x == NULL) if (x == NULL)
return (NULL); return NULL;
return (X509_PUBKEY_get(x->cert_info.key)); return X509_PUBKEY_get(x->cert_info.key);
} }
ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x) ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x)
@ -324,7 +331,7 @@ int X509_check_private_key(X509 *x, EVP_PKEY *k)
EVP_PKEY *xk; EVP_PKEY *xk;
int ret; int ret;
xk = X509_get_pubkey(x); xk = X509_get0_pubkey(x);
if (xk) if (xk)
ret = EVP_PKEY_cmp(xk, k); ret = EVP_PKEY_cmp(xk, k);
@ -343,7 +350,6 @@ int X509_check_private_key(X509 *x, EVP_PKEY *k)
case -2: case -2:
X509err(X509_F_X509_CHECK_PRIVATE_KEY, X509_R_UNKNOWN_KEY_TYPE); X509err(X509_F_X509_CHECK_PRIVATE_KEY, X509_R_UNKNOWN_KEY_TYPE);
} }
EVP_PKEY_free(xk);
if (ret > 0) if (ret > 0)
return 1; return 1;
return 0; return 0;
@ -411,7 +417,7 @@ int X509_chain_check_suiteb(int *perror_depth, X509 *x, STACK_OF(X509) *chain,
goto end; goto end;
} }
pk = X509_get_pubkey(x); pk = X509_get0_pubkey(x);
/* Check EE key only */ /* Check EE key only */
rv = check_suite_b(pk, -1, &tflags); rv = check_suite_b(pk, -1, &tflags);
if (rv != X509_V_OK) { if (rv != X509_V_OK) {
@ -426,7 +432,6 @@ int X509_chain_check_suiteb(int *perror_depth, X509 *x, STACK_OF(X509) *chain,
rv = X509_V_ERR_SUITE_B_INVALID_VERSION; rv = X509_V_ERR_SUITE_B_INVALID_VERSION;
goto end; goto end;
} }
EVP_PKEY_free(pk);
pk = X509_get_pubkey(x); pk = X509_get_pubkey(x);
rv = check_suite_b(pk, sign_nid, &tflags); rv = check_suite_b(pk, sign_nid, &tflags);
if (rv != X509_V_OK) if (rv != X509_V_OK)
@ -436,7 +441,6 @@ int X509_chain_check_suiteb(int *perror_depth, X509 *x, STACK_OF(X509) *chain,
/* Final check: root CA signature */ /* Final check: root CA signature */
rv = check_suite_b(pk, X509_get_signature_nid(x), &tflags); rv = check_suite_b(pk, X509_get_signature_nid(x), &tflags);
end: end:
EVP_PKEY_free(pk);
if (rv != X509_V_OK) { if (rv != X509_V_OK) {
/* Invalid signature or LOS errors are for previous cert */ /* Invalid signature or LOS errors are for previous cert */
if ((rv == X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM if ((rv == X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM

2
crypto/x509/x509_err.c
View File

@ -109,7 +109,7 @@ static ERR_STRING_DATA X509_str_functs[] = {
{ERR_FUNC(X509_F_X509_NAME_ONELINE), "X509_NAME_oneline"}, {ERR_FUNC(X509_F_X509_NAME_ONELINE), "X509_NAME_oneline"},
{ERR_FUNC(X509_F_X509_NAME_PRINT), "X509_NAME_print"}, {ERR_FUNC(X509_F_X509_NAME_PRINT), "X509_NAME_print"},
{ERR_FUNC(X509_F_X509_PRINT_EX_FP), "X509_print_ex_fp"}, {ERR_FUNC(X509_F_X509_PRINT_EX_FP), "X509_print_ex_fp"},
{ERR_FUNC(X509_F_X509_PUBKEY_GET), "X509_PUBKEY_get"}, {ERR_FUNC(X509_F_X509_PUBKEY_GET0), "X509_PUBKEY_get0"},
{ERR_FUNC(X509_F_X509_PUBKEY_SET), "X509_PUBKEY_set"}, {ERR_FUNC(X509_F_X509_PUBKEY_SET), "X509_PUBKEY_set"},
{ERR_FUNC(X509_F_X509_REQ_CHECK_PRIVATE_KEY), {ERR_FUNC(X509_F_X509_REQ_CHECK_PRIVATE_KEY),
"X509_REQ_check_private_key"}, "X509_REQ_check_private_key"},

19
crypto/x509/x509_vfy.c
View File

@ -1559,7 +1559,7 @@ static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
} }
/* Attempt to get issuer certificate public key */ /* Attempt to get issuer certificate public key */
ikey = X509_get_pubkey(issuer); ikey = X509_get0_pubkey(issuer);
if (!ikey) { if (!ikey) {
ctx->error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY; ctx->error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
@ -1588,7 +1588,6 @@ static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
ok = 1; ok = 1;
err: err:
EVP_PKEY_free(ikey);
return ok; return ok;
} }
@ -1769,7 +1768,7 @@ static int internal_verify(X509_STORE_CTX *ctx)
if (!xs->valid if (!xs->valid
&& (xs != xi && (xs != xi
|| (ctx->param->flags & X509_V_FLAG_CHECK_SS_SIGNATURE))) { || (ctx->param->flags & X509_V_FLAG_CHECK_SS_SIGNATURE))) {
if ((pkey = X509_get_pubkey(xi)) == NULL) { if ((pkey = X509_get0_pubkey(xi)) == NULL) {
ctx->error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY; ctx->error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
ctx->current_cert = xi; ctx->current_cert = xi;
ok = (*cb) (0, ctx); ok = (*cb) (0, ctx);
@ -1779,14 +1778,10 @@ static int internal_verify(X509_STORE_CTX *ctx)
ctx->error = X509_V_ERR_CERT_SIGNATURE_FAILURE; ctx->error = X509_V_ERR_CERT_SIGNATURE_FAILURE;
ctx->current_cert = xs; ctx->current_cert = xs;
ok = (*cb) (0, ctx); ok = (*cb) (0, ctx);
if (!ok) { if (!ok)
EVP_PKEY_free(pkey);
goto end; goto end;
} }
} }
EVP_PKEY_free(pkey);
pkey = NULL;
}
xs->valid = 1; xs->valid = 1;
@ -1973,7 +1968,7 @@ int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
return 1; return 1;
for (i = 0; i < sk_X509_num(chain); i++) { for (i = 0; i < sk_X509_num(chain); i++) {
ktmp = X509_get_pubkey(sk_X509_value(chain, i)); ktmp = X509_get0_pubkey(sk_X509_value(chain, i));
if (ktmp == NULL) { if (ktmp == NULL) {
X509err(X509_F_X509_GET_PUBKEY_PARAMETERS, X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,
X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY); X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
@ -1981,8 +1976,6 @@ int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
} }
if (!EVP_PKEY_missing_parameters(ktmp)) if (!EVP_PKEY_missing_parameters(ktmp))
break; break;
EVP_PKEY_free(ktmp);
ktmp = NULL;
} }
if (ktmp == NULL) { if (ktmp == NULL) {
X509err(X509_F_X509_GET_PUBKEY_PARAMETERS, X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,
@ -1992,14 +1985,12 @@ int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
/* first, populate the other certs */ /* first, populate the other certs */
for (j = i - 1; j >= 0; j--) { for (j = i - 1; j >= 0; j--) {
ktmp2 = X509_get_pubkey(sk_X509_value(chain, j)); ktmp2 = X509_get0_pubkey(sk_X509_value(chain, j));
EVP_PKEY_copy_parameters(ktmp2, ktmp); EVP_PKEY_copy_parameters(ktmp2, ktmp);
EVP_PKEY_free(ktmp2);
} }
if (pkey != NULL) if (pkey != NULL)
EVP_PKEY_copy_parameters(pkey, ktmp); EVP_PKEY_copy_parameters(pkey, ktmp);
EVP_PKEY_free(ktmp);
return 1; return 1;
} }

11
doc/crypto/X509_get_pubkey.pod
View File

@ -2,7 +2,7 @@
=head1 NAME =head1 NAME
X509_get_pubkey, X509_set_pubkey, X509_get_X509_PUBKEY, X509_get_pubkey, X509_get0_pubkey, X509_set_pubkey, X509_get_X509_PUBKEY,
X509_REQ_get_pubkey, X509_REQ_set_pubkey, X509_REQ_get_X509_PUBKEY - get or X509_REQ_get_pubkey, X509_REQ_set_pubkey, X509_REQ_get_X509_PUBKEY - get or
set certificate or certificate request public key. set certificate or certificate request public key.
@ -11,6 +11,7 @@ set certificate or certificate request public key.
#include <openssl/x509.h> #include <openssl/x509.h>
EVP_PKEY *X509_get_pubkey(X509 *x); EVP_PKEY *X509_get_pubkey(X509 *x);
EVP_PKEY *X509_get0_pubkey(X509 *x);
int X509_set_pubkey(X509 *x, EVP_PKEY *pkey); int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
X509_PUBKEY *X509_get_X509_PUBKEY(X509 *x); X509_PUBKEY *X509_get_X509_PUBKEY(X509 *x);
@ -23,6 +24,8 @@ set certificate or certificate request public key.
X509_get_pubkey() attempts to decode the public key for certificate B<x>. If X509_get_pubkey() attempts to decode the public key for certificate B<x>. If
successful it returns the public key as an B<EVP_PKEY> pointer with its successful it returns the public key as an B<EVP_PKEY> pointer with its
reference count incremented: this means the returned key must be freed up reference count incremented: this means the returned key must be freed up
after use. X509_get0_pubkey() is similar except it does B<not> increment
the reference count of the returned B<EVP_PKEY> so it must not be freed up
after use. after use.
X509_get_X509_PUBKEY() returns an internal pointer to the B<X509_PUBKEY> X509_get_X509_PUBKEY() returns an internal pointer to the B<X509_PUBKEY>
@ -44,9 +47,9 @@ improve performance.
=head1 RETURN VALUES =head1 RETURN VALUES
X509_get_pubkey(), X509_get_X509_PUBKEY(), X509_REQ_get_pubkey() and X509_get_pubkey(), X509_get0_pubkey(), X509_get_X509_PUBKEY(),
X509_REQ_get_X509_PUBKEY() return a public key or B<NULL> if an error X509_REQ_get_pubkey() and X509_REQ_get_X509_PUBKEY() return a public key or
occurred. B<NULL> if an error occurred.
X509_set_pubkey() and X509_REQ_set_pubkey() rerturn 1 for success and 0 X509_set_pubkey() and X509_REQ_set_pubkey() rerturn 1 for success and 0
for failure. for failure.

4
include/openssl/x509.h
View File

@ -575,6 +575,7 @@ DECLARE_ASN1_FUNCTIONS(X509_VAL)
DECLARE_ASN1_FUNCTIONS(X509_PUBKEY) DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)
int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
EVP_PKEY *X509_PUBKEY_get0(X509_PUBKEY *key);
EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key); EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain); int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain);
int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp); int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
@ -708,6 +709,7 @@ STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
void X509_get0_uids(ASN1_BIT_STRING **piuid, ASN1_BIT_STRING **psuid, X509 *x); void X509_get0_uids(ASN1_BIT_STRING **piuid, ASN1_BIT_STRING **psuid, X509 *x);
X509_ALGOR *X509_get0_tbs_sigalg(X509 *x); X509_ALGOR *X509_get0_tbs_sigalg(X509 *x);
EVP_PKEY *X509_get0_pubkey(X509 *x);
EVP_PKEY *X509_get_pubkey(X509 *x); EVP_PKEY *X509_get_pubkey(X509 *x);
ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x); ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);
int X509_certificate_type(X509 *x, EVP_PKEY *pubkey /* optional */ ); int X509_certificate_type(X509 *x, EVP_PKEY *pubkey /* optional */ );
@ -1097,7 +1099,7 @@ void ERR_load_X509_strings(void);
# define X509_F_X509_NAME_ONELINE 116 # define X509_F_X509_NAME_ONELINE 116
# define X509_F_X509_NAME_PRINT 117 # define X509_F_X509_NAME_PRINT 117
# define X509_F_X509_PRINT_EX_FP 118 # define X509_F_X509_PRINT_EX_FP 118
# define X509_F_X509_PUBKEY_GET 119 # define X509_F_X509_PUBKEY_GET0 119
# define X509_F_X509_PUBKEY_SET 120 # define X509_F_X509_PUBKEY_SET 120
# define X509_F_X509_REQ_CHECK_PRIVATE_KEY 144 # define X509_F_X509_REQ_CHECK_PRIVATE_KEY 144
# define X509_F_X509_REQ_PRINT_EX 121 # define X509_F_X509_REQ_PRINT_EX 121